CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
wp_nonce_field example
function _wp_dashboard_control_callback( $dashboard, $meta_box ) {
echo '<form method="post" class="dashboard-widget-control-form wp-clearfix">';
wp_dashboard_trigger_widget_control( $meta_box['id'] );
wp_nonce_field( 'edit-dashboard-widget_' . $meta_box['id'], 'dashboard-widget-nonce' );
echo '<input type="hidden" name="widget_id" value="' . esc_attr( $meta_box['id'] ) . '" />';
submit_button( __( 'Save Changes' ) );
echo '</form>';
}
/** * Displays the dashboard. * * @since 2.5.0 */
function wp_dashboard() {
<?php submit_button( $button, 'primary', 'submit', false ); ?>
<a href="<?php echo esc_url( admin_url( 'edit-comments.php' ) ); ?>" class="button-cancel"><?php esc_html_e( 'Cancel' ); ?></a>
</p>
<?php wp_nonce_field( $nonce_action ); ?>
<input type="hidden" name="action" value="<?php echo esc_attr( $formaction ); ?>" />
<input type="hidden" name="c" value="<?php echo esc_attr( $comment->comment_ID ); ?>" />
<input type="hidden" name="noredir" value="1" />
</form>
</div>
<?php
break;
case 'deletecomment':
case 'trashcomment':
case 'deletecomment':
case 'trashcomment':
_e( 'Create a new Privacy Policy page' );
} else {
_e( 'There are no pages.' );
}
?> </label> </th> <td> <form class="wp-create-privacy-page" method="post" action=""> <input type="hidden" name="action" value="create-privacy-page" /> <?php wp_nonce_field( 'create-privacy-page' );
submit_button( __( 'Create' ), 'secondary', 'submit', false, array( 'id' => 'create-page' ) );
?> </form> </td> </tr> <?php if ( $has_pages ) : ?> <tr> <th scope="row"> <label for="page_for_privacy_policy"> <?php if ( $privacy_policy_page_exists ) {
} else {
_e( 'There are no pages.' );
}
?> </label> </th> <td> <form class="wp-create-privacy-page" method="post" action=""> <input type="hidden" name="action" value="create-privacy-page" /> <?php wp_nonce_field( 'create-privacy-page' );
submit_button( __( 'Create' ), 'secondary', 'submit', false, array( 'id' => 'create-page' ) );
?> </form> </td> </tr> <?php if ( $has_pages ) : ?> <tr> <th scope="row"> <label for="page_for_privacy_policy"> <?php if ( $privacy_policy_page_exists ) {
return $upload;
}
/** * Adds a nonce field to the signup page. * * @since MU (3.0.0) */
function signup_nonce_fields() {
$id = mt_rand();
echo "<input type='hidden' name='signup_form_id' value='{$id}' />";
wp_nonce_field( 'signup_form_' . $id, '_signup_form', false );
}
/** * Processes the signup nonce created in signup_nonce_fields(). * * @since MU (3.0.0) * * @param array $result * @return array */
function signup_nonce_check( $result ) {
}
/** * Adds a nonce field to the signup page. * * @since MU (3.0.0) */
function signup_nonce_fields() {
$id = mt_rand();
echo "<input type='hidden' name='signup_form_id' value='{$id}' />";
wp_nonce_field( 'signup_form_' . $id, '_signup_form', false );
}
/** * Processes the signup nonce created in signup_nonce_fields(). * * @since MU (3.0.0) * * @param array $result * @return array */
function signup_nonce_check( $result ) {
do_action( "{$taxonomy}_term_new_form_tag" );
?> > <input type="hidden" name="action" value="add-tag" /> <input type="hidden" name="screen" value="<?php echo esc_attr( $current_screen->id ); ?>" /> <input type="hidden" name="taxonomy" value="<?php echo esc_attr( $taxonomy ); ?>" /> <input type="hidden" name="post_type" value="<?php echo esc_attr( $post_type ); ?>" /> <?php wp_nonce_field( 'add-tag', '_wpnonce_add-tag' ); ?> <div class="form-field form-required term-name-wrap"> <label for="tag-name"><?php _ex( 'Name', 'term name' ); ?></label> <input name="tag-name" id="tag-name" type="text" value="" size="40" aria-required="true" aria-describedby="name-description" /> <p id="name-description"><?php echo $tax->labels->name_field_description; ?></p> </div> <div class="form-field term-slug-wrap"> <label for="tag-slug"><?php _e( 'Slug' ); ?></label> <input name="slug" id="tag-slug" type="text" value="" size="40" aria-describedby="slug-description" /> <p id="slug-description"><?php echo $tax->labels->slug_field_description; ?></p> </div>
<?php echo esc_url( self_admin_url( IS_PROFILE_PAGE ? 'profile.php' : 'user-edit.php' ) ); ?>" method="post" novalidate="novalidate"
<?php
/**
* Fires inside the your-profile form tag on the user editing screen.
*
* @since 3.0.0
*/
do_action( 'user_edit_form_tag' );
?> > <?php wp_nonce_field( 'update-user_' . $user_id ); ?> <?php if ( $wp_http_referer ) : ?> <input type="hidden" name="wp_http_referer" value="<?php echo esc_url( $wp_http_referer ); ?>" /> <?php endif; ?> <p> <input type="hidden" name="from" value="profile" /> <input type="hidden" name="checkuser_id" value="<?php echo get_current_user_id(); ?>" /> </p> <h2><?php _e( 'Personal Options' ); ?></h2> <table class="form-table" role="presentation">
do_action( 'user_edit_form_tag' );
?> > <?php wp_nonce_field( 'update-user_' . $user_id ); ?> <?php if ( $wp_http_referer ) : ?> <input type="hidden" name="wp_http_referer" value="<?php echo esc_url( $wp_http_referer ); ?>" /> <?php endif; ?> <p> <input type="hidden" name="from" value="profile" /> <input type="hidden" name="checkuser_id" value="<?php echo get_current_user_id(); ?>" /> </p> <h2><?php _e( 'Personal Options' ); ?></h2> <table class="form-table" role="presentation">
$current_color = 'fresh';
}
?> <fieldset id="color-picker" class="scheme-list"> <legend class="screen-reader-text"><span> <?php /* translators: Hidden accessibility text. */
_e( 'Admin Color Scheme' );
?> </span></legend> <?php wp_nonce_field( 'save-color-scheme', 'color-nonce', false );
foreach ( $_wp_admin_css_colors as $color => $color_info ) :
?> <div class="color-option <?php echo ( $color === $current_color ) ? 'selected' : ''; ?>"> <input name="admin_color" id="admin_color_<?php echo esc_attr( $color ); ?>" type="radio" value="<?php echo esc_attr( $color ); ?>" class="tog" <?php checked( $color, $current_color ); ?> /> <input type="hidden" class="css_url" value="<?php echo esc_url( $color_info->url ); ?>" /> <input type="hidden" class="icon_colors" value="<?php echo esc_attr( wp_json_encode( array( 'icons' => $color_info->icon_colors ) ) ); ?>" /> <label for="admin_color_<?php echo esc_attr( $color ); ?>"><?php echo esc_html( $color_info->name ); ?></label> <table class="color-palette"> <tr> <?php
}
?> <fieldset id="color-picker" class="scheme-list"> <legend class="screen-reader-text"><span> <?php /* translators: Hidden accessibility text. */
_e( 'Admin Color Scheme' );
?> </span></legend> <?php wp_nonce_field( 'save-color-scheme', 'color-nonce', false );
foreach ( $_wp_admin_css_colors as $color => $color_info ) :
?> <div class="color-option <?php echo ( $color === $current_color ) ? 'selected' : ''; ?>"> <input name="admin_color" id="admin_color_<?php echo esc_attr( $color ); ?>" type="radio" value="<?php echo esc_attr( $color ); ?>" class="tog" <?php checked( $color, $current_color ); ?> /> <input type="hidden" class="css_url" value="<?php echo esc_url( $color_info->url ); ?>" /> <input type="hidden" class="icon_colors" value="<?php echo esc_attr( wp_json_encode( array( 'icons' => $color_info->icon_colors ) ) ); ?>" /> <label for="admin_color_<?php echo esc_attr( $color ); ?>"><?php echo esc_html( $color_info->name ); ?></label> <table class="color-palette"> <tr> <?php
$output = ob_get_clean();
if ( ! empty( $output ) && $this->has_items() ) {
echo $output;
submit_button( __( 'Filter' ), '', 'filter_action', false, array( 'id' => 'post-query-submit' ) );
}
}
if ( ( 'spam' === $comment_status || 'trash' === $comment_status ) && $has_items
&& current_user_can( 'moderate_comments' )
) {
wp_nonce_field( 'bulk-destroy', '_destroy_nonce' );
$title = ( 'spam' === $comment_status ) ? esc_attr__( 'Empty Spam' ) : esc_attr__( 'Empty Trash' );
submit_button( $title, 'apply', 'delete_all', false );
}
/** * Fires after the Filter submit button for comment types. * * @since 2.5.0 * @since 5.6.0 The `$which` parameter was added. * * @param string $comment_status The comment status name. Default 'All'. * @param string $which The location of the extra table nav markup: 'top' or 'bottom'. */
if ( ! empty( $output ) && $this->has_items() ) {
echo $output;
submit_button( __( 'Filter' ), '', 'filter_action', false, array( 'id' => 'post-query-submit' ) );
}
}
if ( ( 'spam' === $comment_status || 'trash' === $comment_status ) && $has_items
&& current_user_can( 'moderate_comments' )
) {
wp_nonce_field( 'bulk-destroy', '_destroy_nonce' );
$title = ( 'spam' === $comment_status ) ? esc_attr__( 'Empty Spam' ) : esc_attr__( 'Empty Trash' );
submit_button( $title, 'apply', 'delete_all', false );
}
/** * Fires after the Filter submit button for comment types. * * @since 2.5.0 * @since 5.6.0 The `$which` parameter was added. * * @param string $comment_status The comment status name. Default 'All'. * @param string $which The location of the extra table nav markup: 'top' or 'bottom'. */
do_action( 'post_edit_form_tag', $post );
$referer = wp_get_referer();
?> > <?php wp_nonce_field( $nonce_action ); ?> <input type="hidden" id="user-id" name="user_ID" value="<?php echo (int) $user_ID; ?>" /> <input type="hidden" id="hiddenaction" name="action" value="<?php echo esc_attr( $form_action ); ?>" /> <input type="hidden" id="originalaction" name="originalaction" value="<?php echo esc_attr( $form_action ); ?>" /> <input type="hidden" id="post_author" name="post_author" value="<?php echo esc_attr( $post->post_author ); ?>" /> <input type="hidden" id="post_type" name="post_type" value="<?php echo esc_attr( $post_type ); ?>" /> <input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo esc_attr( $post->post_status ); ?>" /> <input type="hidden" id="referredby" name="referredby" value="<?php echo $referer ? esc_url( $referer ) : ''; ?>" /> <?php if ( ! empty( $active_post_lock ) ) { ?> <input type="hidden" id="active_post_lock" value="<?php echo esc_attr( implode( ':', $active_post_lock ) ); ?>" /> <?php }
</p>
<form method="post" action="<?php echo esc_url( $_SERVER['REQUEST_URI'] ); ?>" style="display:inline;">
<input type="hidden" name="verify-delete" value="1" />
<input type="hidden" name="action" value="delete-selected" />
<?php
foreach ( (array) $plugins as $plugin ) {
echo '<input type="hidden" name="checked[]" value="' . esc_attr( $plugin ) . '" />';
}
?> <?php wp_nonce_field( 'bulk-plugins' ); ?> <?php submit_button( $data_to_delete ? __( 'Yes, delete these files and data' ) : __( 'Yes, delete these files' ), '', 'submit', false ); ?> </form> <?php
$referer = wp_get_referer();
?> <form method="post" action="<?php echo $referer ? esc_url( $referer ) : ''; ?>" style="display:inline;"> <?php submit_button( __( 'No, return me to the plugin list' ), '', 'submit', false ); ?> </form> </div>
foreach ( (array) $plugins as $plugin ) {
echo '<input type="hidden" name="checked[]" value="' . esc_attr( $plugin ) . '" />';
}
?> <?php wp_nonce_field( 'bulk-plugins' ); ?> <?php submit_button( $data_to_delete ? __( 'Yes, delete these files and data' ) : __( 'Yes, delete these files' ), '', 'submit', false ); ?> </form> <?php
$referer = wp_get_referer();
?> <form method="post" action="<?php echo $referer ? esc_url( $referer ) : ''; ?>" style="display:inline;"> <?php submit_button( __( 'No, return me to the plugin list' ), '', 'submit', false ); ?> </form> </div>
$classes = 'welcome-panel';
$option = (int) get_user_meta( get_current_user_id(), 'show_welcome_panel', true );
// 0 = hide, 1 = toggled to show or single site creator, 2 = multisite site owner. $hide = ( 0 === $option || ( 2 === $option && wp_get_current_user()->user_email !== get_option( 'admin_email' ) ) );
if ( $hide ) {
$classes .= ' hidden';
}
?> <div id="welcome-panel" class="<?php echo esc_attr( $classes ); ?>"> <?php wp_nonce_field( 'welcome-panel-nonce', 'welcomepanelnonce', false ); ?> <a class="welcome-panel-close" href="<?php echo esc_url( admin_url( '?welcome=0' ) ); ?>" aria-label="<?php esc_attr_e( 'Dismiss the welcome panel' ); ?>"><?php _e( 'Dismiss' ); ?></a> <?php /** * Fires when adding content to the welcome panel on the admin dashboard. * * To remove the default welcome panel, use remove_action(): * * remove_action( 'welcome_panel', 'wp_welcome_panel' ); * * @since 3.5.0 */
$option = (int) get_user_meta( get_current_user_id(), 'show_welcome_panel', true );
// 0 = hide, 1 = toggled to show or single site creator, 2 = multisite site owner. $hide = ( 0 === $option || ( 2 === $option && wp_get_current_user()->user_email !== get_option( 'admin_email' ) ) );
if ( $hide ) {
$classes .= ' hidden';
}
?> <div id="welcome-panel" class="<?php echo esc_attr( $classes ); ?>"> <?php wp_nonce_field( 'welcome-panel-nonce', 'welcomepanelnonce', false ); ?> <a class="welcome-panel-close" href="<?php echo esc_url( admin_url( '?welcome=0' ) ); ?>" aria-label="<?php esc_attr_e( 'Dismiss the welcome panel' ); ?>"><?php _e( 'Dismiss' ); ?></a> <?php /** * Fires when adding content to the welcome panel on the admin dashboard. * * To remove the default welcome panel, use remove_action(): * * remove_action( 'welcome_panel', 'wp_welcome_panel' ); * * @since 3.5.0 */
<form method="post" name="adduser" id="adduser" class="validate" novalidate="novalidate"
<?php
/**
* Fires inside the adduser form tag.
*
* @since 3.0.0
*/
do_action( 'user_new_form_tag' );
?> > <input name="action" type="hidden" value="adduser" /> <?php wp_nonce_field( 'add-user', '_wpnonce_add-user' ); ?> <table class="form-table" role="presentation"> <tr class="form-field form-required"> <th scope="row"><label for="adduser-email"><?php echo esc_html( $label ); ?></label></th> <td><input name="email" type="<?php echo esc_attr( $type ); ?>" id="adduser-email" class="wp-suggest-user" value="" /></td> </tr> <tr class="form-field"> <th scope="row"><label for="adduser-role"><?php _e( 'Role' ); ?></label></th> <td><select name="role" id="adduser-role"> <?php wp_dropdown_roles( get_option( 'default_role' ) ); ?> </select> </td> </tr>
do_action( 'user_new_form_tag' );
?> > <input name="action" type="hidden" value="adduser" /> <?php wp_nonce_field( 'add-user', '_wpnonce_add-user' ); ?> <table class="form-table" role="presentation"> <tr class="form-field form-required"> <th scope="row"><label for="adduser-email"><?php echo esc_html( $label ); ?></label></th> <td><input name="email" type="<?php echo esc_attr( $type ); ?>" id="adduser-email" class="wp-suggest-user" value="" /></td> </tr> <tr class="form-field"> <th scope="row"><label for="adduser-role"><?php _e( 'Role' ); ?></label></th> <td><select name="role" id="adduser-role"> <?php wp_dropdown_roles( get_option( 'default_role' ) ); ?> </select> </td> </tr>
/** * Displays a form to upload themes from zip files. * * @since 2.8.0 */
function install_themes_upload() {
?> <p class="install-help"><?php _e( 'If you have a theme in a .zip format, you may install or update it by uploading it here.' ); ?></p> <form method="post" enctype="multipart/form-data" class="wp-upload-form" action="<?php echo esc_url( self_admin_url( 'update.php?action=upload-theme' ) ); ?>"> <?php wp_nonce_field( 'theme-upload' ); ?> <label class="screen-reader-text" for="themezip"> <?php /* translators: Hidden accessibility text. */
_e( 'Theme zip file' );
?> </label> <input type="file" id="themezip" name="themezip" accept=".zip" /> <?php submit_button( __( 'Install Now' ), '', 'install-theme-submit', false ); ?> </form> <?php }
<?php
}
/** * Displays the themes table. * * Overrides the parent display() method to provide a different container. * * @since 3.1.0 */
public function display() {
wp_nonce_field( 'fetch-list-' . get_class( $this ), '_ajax_fetch_list_nonce' );
?> <?php $this->tablenav( 'top' ); ?> <div id="availablethemes"> <?php $this->display_rows_or_placeholder(); ?> </div> <?php $this->tablenav( 'bottom' ); ?> <?php }
/** * Displays the themes table. * * Overrides the parent display() method to provide a different container. * * @since 3.1.0 */
public function display() {
wp_nonce_field( 'fetch-list-' . get_class( $this ), '_ajax_fetch_list_nonce' );
?> <?php $this->tablenav( 'top' ); ?> <div id="availablethemes"> <?php $this->display_rows_or_placeholder(); ?> </div> <?php $this->tablenav( 'bottom' ); ?> <?php }
<div class="akismet-enter-api-key-box centered">
<a href="#"><?php esc_html_e( 'Manually enter an API key', 'akismet' ); ?></a>
<div class="enter-api-key">
<form action="<?php echo esc_url( Akismet_Admin::get_page_url() ); ?>" method="post">
<?php wp_nonce_field( Akismet_Admin::NONCE ) ?>
<input type="hidden" name="action" value="enter-key">
<p style="width: 100%; display: flex; flex-wrap: nowrap; box-sizing: border-box;">
<input id="key" name="key" type="text" size="15" value="" placeholder="<?php esc_attr_e( 'Enter your API key' , 'akismet' ); ?>" class="regular-text code" style="flex-grow: 1; margin-right: 1rem;">
<input type="submit" name="submit" id="submit" class="akismet-button" value="<?php esc_attr_e( 'Connect with API key', 'akismet' );?>">
</p>
</form>
</div>
</div>